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IN THE CLAIMS: 

Please revise the claims, as follows. 

1 . (Previously presented) A method of authenticating a subject, comprising: 

using one or a plurality of biometric measurements for authentication without any 
sharing of the subject's biometric data, by accomplishing said authentication without any of 
said one or plurality of biometric measurements being accessible in any form to any external 
device or external party, said biometric data being encrypted. 

2. (Original) The method according to claim 1, further comprising: 

storing said biometric data in an individual unit, said individual unit belonging to said 
subject. 

3. (Original) The method according to claim 2, wherein said individual unit is portable for 
being carried by said subject. 

4. (Original) The method according to claim 2, wherein said individual unit is non-portable. 

5. (Original) The method according to claim 2, wherein said individual unit comprises one 
of a smart card, a personal area network (PAN) tool, and an apparatus linked to a network. 
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6. (Original) The method according to claim 1 , further comprising: 

after said authentication, selectively obtaining access to any of a location, a service, 
and an option in a service by said subject. 

7. (Previously presented) A method of authenticating a subject, comprising: 

using one or a plurality of biometric measurements for authentication without any 
sharing of the subject's biometric data, by accomplishing said authentication without any of 
said one or plurality of biometric measurements being accessible in any form to any external 
device or external party; and 

generating at least one of a password and another authentication procedure based on 
biometric authentication locally under the subject's control. 

8. (Original) The method according to claim 7 S further comprising: 

securely storing the biometric on an apparatus carried by said subject. 

9. (Previously presented) A method of authenticating a subject, comprising: 

using one or a plurality of biometric measurements for authentication without any 
sharing of the subject's biometric data, by accomplishing said authentication without any of 
said one or plurality of biometric measurements being accessible in any form to any external 
device or external party; and 

generating at least one of a password and another authentication procedure based on 
at least one biometric feature extracted locally under the subject's control. 
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10. (Original) The method according to claim 9, wherein said generating is perform 
without storing the subject's biometric feature. 

1 1 . (Original) The method according to claim 9, further comprising: 

deriving said at least one of the password and the another authentication procedure 
from the biometric extracted locally when authentication is required. 

12. (Original) The method according to claim 7, further comprising: 

deriving said at least one of the password and the another authentication procedure 
from compressed biometrics extracted locally under the subject's control or from a network, 
when authentication is required. 

1 3 . (Previously presented) The method according to claim 7, further comprising: 

managing multiple passwords and authentication procedures, by at least one of: 
monitoring an authentication request; 
identifying a requester ; 

generating at least one of a new password and an authentication procedure for 
a new requester; 

storing the authentication procedure generation method and the identity of the 
requester in a secure manner; and 

authenticating the user for known requesters using the stored procedure and 
the result of the local authentication procedure. 
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14. (Previously presented) A method of authenticating a characteristic of a subject, without 
compromising privacy of the subject, said method comprising: 

using at least one of a plurality of authentication methods including personal 
information of the subject, a biometric of the subject, a password, a personal identification 
number (PIN) and a secured component; and 

simultaneously with said using, said subject maintaining confidentiality of 
authentication information by withholding access of said authentication information from any 
external device or external party, 

wherein said withholding access further includes an encryption of data stored that 
represents said biometric. 

15. (Previously presented) A method of authenticating a characteristic of a subject, without 
compromising privacy of the subject, said method comprising: 

using at least one of a plurality of authentication methods including personal 
information of the subject, a biometric of the subject, a password, a personal identification 
number (PIN) and a secured component; 

simultaneously with said using, said subject maintaining confidentiality of 
authentication information by withholding access of said authentication information from any 
external device or external party; and 

generating at least one of a password and another authentication procedure based on 
authentication locally under the subject's control. 
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16. (Original) The method according to claim 15, fiirther comprising: 

securely storing authentication information on an apparatus locally under the subject's 

control. 

17. (Original) The method according to claim 15, further comprising: 

deriving said at least one of the password and the another authentication procedure 
from the local authentication when authentication is required. 

18. (Original) The method according to claim 16, further comprising: 

securely storing the authentication information on the apparatus using at least one of a 
knowledge-based information, a possession-based information, a password-based 
information, and a biometric-based information. 

19. (Original) The method according to claim 14, further comprising: 

selectively completing the authentication with a remote service using a 
communication port and protocol. 

20. (Previously presented) A method for secure authentication of a subject, said method 
comprising: 

selectively requesting any of a password and a knowledge-based information from 
said subject; and 
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simultaneously with said selectively requesting, interrogating biometric information 
of the subject, said biometric information being carried by said subject and being maintained 
inaccessible by any external device. 

21 . (Original) The method according to claim 20, further comprising: 

using said biometric information to generate said password. 

22. (Original) The method according to claim 20, further comprising: 

performing biometric data verification by a device associated with said subject, 
wherein said biometric data verification activates a password-controlled 
authentication mechanism which transfers information, but which withholds sufficient 
information so that the biometric is not revealed, to a party requiring authentication. 

23. (Original) The method according to claim 21, wherein obtaining said password is 
performed by using at least one of an encryption and secure hashing. 

24. (Original) The method according to claim 20, wherein a device is carried by the subject 
to be authorized to perform a task, 

wherein at a moment of authorization, said device is presented to a reader of an 
authorizing machine of an entity seeking authentication, which prompts said device for a 
password for authorization to be given, and wherein said device reads a biometric of said 
subject using a sensor included in the device and computes the password. 

7 



PACE 8/17 • RCVD AT 5/16J2005 4:53:25 PM [Eastern Daylight Time] • SVR:USPTO-EFXRF-1/3 * DNIS:8729308 * CSID:7037612375 * DURATION (mm-ss):05-28 



05/16/2005 16:54 FAX 7037612375 McGinn&Gibb , PLLC @009 

S/N 09/372,170 
Docket: Y0998-529 

25. (Original) The method according to claim 24, wherein said device allows the password 
to be read by the authorizing machine. 

26. (Original) The method according to claim 25, wherein said password is read in a 
contacting manner. 

27. (Original) The method according to claim 25, wherein said password is read in a 
contact- free manner. 

28. (Original) The method according to claim 24, further comprising: 

using one of a hashing and a mapping technique, which is stable with respect to 
variations of the biometric extracted, said using including mapping regions of a 
biometric-print space, to the password having been computed. 

29. (Original) The method according to claim 28, wherein said using includes: 

measuring a biometric-print of the subject by ranking biometric prints of N subsets of 
M biometrics, 

wherein an index of a top ranking of each of the N subsets is used in computing the 
password. 

30. (Original) The method according to claim 24, further comprising: 

storing on the device information regarding a previous authentication including a 
biometric-print of the subject. 
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3 1 . (Original) The method according to claim 20, further comprising: 

encrypting a biometric-print using the subject's biometric and personal knowledge 
onto a device carried by said subject. 

32. (Original) The method according to claim 20, further comprising: 

providing a unique non-duplicable authentication mechanism on a device associated 
with said subject, said authentication mechanism being constructed so as to be completely 
independent of the biometric, 

wherein said authentication mechanism is prevented from accessing the biometric 

itself. 

33. (Original) The method according to claim 32, wherein said device associated with said 
subject produces a correct password only when the device reads a biometric from the subject. 

34. (Original) The method according to claim 20, wherein biometric information for a 
plurality of subjects is stored in a device associated with the subject. 

35. (Previously presented) An apparatus for secure authentication, without compromising 
privacy of a subject, said apparatus comprising: 

a reader, associated with the subject, for reading a specified biometric of said subject; 

and 

a password generator for producing a password needed, based on said biometric, 
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wherein said biometric is maintained as being inaccessible to any external device. 

36. (Original) The apparatus according to claim 35, wherein said password generator 
includes an encryption device using at least one of encryption and secure hashing. 

37. (Previously presented) An apparatus for secure authentication, said apparatus 
comprising: 

means, associated with a subject, for reading a specified biometric of said subject; and 

means for producing a password needed based on said biometric, without providing 
access to said biometric by any external device or by anyone other than said subject. 

38. (Original) The apparatus according to claim 37, wherein said means for producing said 
password includes an encryption device using at least one of encryption and secure hashing. 

39. (Previously presented) A method of identifying a subject, said method comprising: 

using one or a plurality of biometric measurements for identification without any 
sharing of the subject's biometric data by maintaining said biometric data as inaccessible to 
any external device, 

wherein said maintaining as inaccessible includes an encryption of said one or said 
plurality of biometric measurements before being stored as said biometric data. 
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40. (Previously presented) A method of identifying a subject, said method comprising: 

using one or a plurality of biometric measurements for identification without any 
sharing of the subject's biometric data by maintaining said biometric data as inaccessible to 
any external device, wherein ft the subject's identity is determined locally, under the subject's 
control, by having the subject provide at least one of a user ID and by biometric identification 
of the subject among enrolled authorized subjects, and 

wherein said identification produces a set of N best matches forN subsets, and an 
index formed by concatenation of the N indices uniquely identifies the subject. 

41 . (Previously presented) A method for identification of a subject, said method comprising: 

selectively requesting any of a password and a knowledge-based information from 
said subject; and 

simultaneously with said selectively requesting, interrogating biometric information 
of the subject, said biometric information being carried by said subject and being maintained 
as inaccessible by any external device. 

42. (Original) The method of claim 41, wherein a subject's identity is determined locally 
under the subject's control, by having the subject provide at least one of a user ID and by 
biometric identification of the subject among enrolled authorized subjects, and 

wherein said identification produces a set of N best matches for N subsets, and an 
. index formed by concatenation of the N indices uniquely identifies the subject. 
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43. (Previously presented) An apparatus for identification of a subject, said apparatus 
comprising: 

a reader, associated with the subject, for reading a specified biometric of said subject; 

and 

a password generator for producing a password needed, based on said biometric, 
wherein said biometric is maintained inaccessible by any external device. 

44. (Original) The apparatus according to claim 43, further comprising: 

means for storing data of said biometric in an individual unit, said individual unit 
belonging to said subject. 

45. (Original) The apparatus according to claim 44, wherein said individual unit is portable 
for being carried by said subject. 

46. (Original) The apparatus according to claim 44, wherein said individual unit is 
non-portable. 

47. (Original) The apparatus according to claim 44, wherein said individual unit comprises 
one of a smart card, a personal area network (PAN) tool, and an apparatus linked to a 
network. 

48. (Original) The apparatus according to claim 44, wherein a subject's identity is 
determined locally, under the subject's control, by having the subject provide at least one of a 
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user ID and by biometric identification of the subject among enrolled authorized subjects 
being read by said reader, and 

wherein said identification produces a set of N best matches for N subsets, and an 
index formed by concatenation of the N indices uniquely identifies the subject. 

49. (Currently amended) An apparatus comprising: 

at least one sensor two sensors to obtain at least two forms of biometric dat a, each 
said biometric data form respectively providing an identification metric that uniquely 
identifies an individual: 

a non volatile memory to store biometric data from said at least one s en s or two 
sensors during a an initiation stage; and 

a comparator to compare said biometric data stored in said non volatile memory with 
a biometric data obtained by said at least one sensor two sensors during an authentication 
stage, 

wherein said at least one sen s o r two sensors, said non volatile memory, and said 
comparator are all located on a same device. 

50. (Previously presented) The method of claim 20, wherein said being maintained 
inaccessible includes an encryption of said biometric information before being stored to be 
carried by said subject. 
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